[nsp-sec] psst hey buddy want a list of compromised popmail accounts:)

Joel Rosenblatt joel at columbia.edu
Thu Mar 27 18:05:49 EDT 2008 

What's amazing to me is that

320 of the 850 have password as the password
242 of the 850 have info     as the password
 77 of the 850 have 123456   as the password
 58 of the 850 have abuse    as the password
 46 of the 850 have sales    as the password

No wonder computer security is an uphill battle :-)

My 2 cents.

Joel Rosenblatt

It may be 849 - I think I counted the first line in that :-)

Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel





--On Thursday, March 27, 2008 3:53 PM -0600 "Smith, Donald" <Donald.Smith at qwest.com> wrote:

> ----------- nsp-security Confidential --------
>
> https://asn.cymru.com/nsp-sec/upload/1206654205.whois.txt
>
> Here are the popmail accounts that were compromised to send SMTP spam to
> the SMTP -> sms gateways.
> I don't have time stamps but you probably won't need them as the vast
> majority of these will not be dynamic IP addresses.
> Format is as follows:
> AS|IP|accountname password|ip owner.
>
> When contacted please only tell them the account name and that that
> account has been compromised and is being used to send spam. I wouldn't
> mention the sms side of this.
>
> If you want to share the password with them as proof I have no problem
> with that they are mostly "joe" accounts.
>
> H8Hz
> Donald.Smith at qwest.com giac
>
>
> This communication is the property of Qwest and may contain confidential or
> privileged information. Unauthorized use of this communication is strictly
> prohibited and may be unlawful.  If you have received this communication
> in error, please immediately notify the sender by reply e-mail and destroy
> all copies of the communication and any attachments.
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________



Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel

More information about the nsp-security mailing list